Security firm issues warning about fake Nimda fix

Computer security firm SecurityFocus said it is not the author of an e-mail and file attachment claiming to be a fix for the recent Nimda worm.

In a warning posted to the company's "Incidents" mailing list yesterday, the San Mateo, California-based company said it believes the attachment could be a Trojan horse program that could damage users' systems if opened.

SecurityFocus said the e-mail claims to come from it as well as from Cupertino, California-based antivirus firm TrendMicro Inc.

"The messages come with an executable attachment named FIX_NIMDA.exe," SecurityFocus said in the warning. "Do not run this attachment. These messages do not come from us or TrendMicro, as a quick check of the headers will reveal. Common sense and best practices indicate that you should not execute any code that come[s] via e-mail unless you authenticate the source of the message."

The Nimda worm -- reports of which first began flooding into mailing lists and security firms two weeks ago -- is a mass-mailed piece of malicious code that infects systems running Microsoft's Windows 95, 98, ME, NT and 2000.

Unlike other worms and viruses, Nimda is capable of spreading via both network-based e-mail and Web browsers. It was also written to scan for and exploit back doors left behind by previous viruses such as Code Red and Sadmind.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about MicrosoftSecurityFocus

Show Comments